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REMARKS 

The Applicants request reconsideration of the final 
rejection mailed July 14, 2005: 

The Applicants have canceled rejected Claims 2-7, 9-19, 
and 23-25, without prejudice or disclaimer, in favor of new 
Claims 26-31 as set forth above. The Applicants respectfully 
submit that the rejected claims contained patentable 
distinctions from the prior art as asserted against them in 
the final rejection. However, the new claims have been 
substituted for the rejected claims in order to more clearly 
and distinctly characterize certain patentable features of the 
invention, as discussed more fully below. 

As set forth in new method Claim 26, the presently- 
claimed invention is characterized by a step of determining 
whether a combination of a first I/O port and a packet 
transmission source address contained in a header of a packet 
received at the first I/O port coincides with a combination of 
an I/O port and a transmission source address registered in 
advance with a correspondence therebetween. The method 
invention is further characterized by a step of transferring 
the received packet when a coincidence is determined to exist 
between the two combinations. On the other hand, transfer of 
the packet is limited, and a request for user authentication 
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is transmitted to the source terminal sending the packet, when 
there is determined to be no coincidence between the I/O port 
and received packet transmission source address and any 
previously-registered combination . 

Upon receiving user authentication information from the 
source terminal in response to the request for user 
authentication, the method includes a step of executing user 
authentication based on the user authentication information 
thus received and based on the packet transmission source 
address contained in the header of the packet . When the user 
is authenticated, the method registers the first I/O port at 
which the packet is received with a correspondence to the 
packet transmission source address contained in the header of 
the packet received at the first I/O port. Accordingly, the 
packet thus received is transferred. 

Apparatus Claim 29 recites a plurality of I/O ports 
coupled to a plurality of terminals, respectively; a 
communication portion for transmitting and receiving data via 
the plurality of I/O ports; a relay portion which determines a 
transmitting port from which a packet received via a receiving 
port is transferred under specified conditions; and an 
authentication portion which registers a receiving I/O port at 
which a packet is received and a packet transmission source 
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address contained in the packet with a correspondence 
therebetween under specified conditions. 

More particularly, the relay portion determines an 
transmitting I/O port, determines whether a combination of a 
receiving I/O port and a packet transmission, source address 
contained in a packet received at the receiving I/O port 
coincides with a combination registered in advance, and then 
transfers the received packet from the transmitting I/O port 
when a coincidence is determined. When no coincidence is 
determined, the relay portion requests user authentication to 
the source terminal of the received packet. The 
authentication portion registers the receiving I/O port at 
which the packet is received with a correspondence to the 
packet transmission source address of the received packet when 
completing user authentication based on user authentication 
information sent from the source terminal in response to the 
request for user authentication. 

In finally rejecting the now-canceled claims, the 
Examiner indicated that the primary reference to Jain et al . , 
U.S. 6,311,218 (Jain) discloses a packet relaying means that 
operates to learn whether there is correspondence between an 
I/O port which has received a packet and a source network . 
address identified in the packet on the basis of the source 
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network address contained in the packet, citing Column 5, 
"Authenticating a Port" and Column 6, "Controlling Access to 
the Network." 

In these passages, however, Jain discloses that an 
authentication process 89 invoked by a controller 82 causes a 
message to be sent to an unauthent icated end system requesting 
an identification such as a user id. According to Column 4, 
line 49 through Column 5, line 18, an authentication is 
required each time there is any interruption in the physical 
link with an end system connected to a particular network 
port. To determine whether authentication is required, Jain 
uses a mechanism at the physical layer to determine whether 
the end system is newly connected to the port, rebooted, or 
power cycled at the port. 

In a specific embodiment, point-to-point ethernet 
linkbeat is used to determine whether there has been any 
physical interruption to the end system. Thus, the controller 
is enabled to respond to the interruption in the linkbeat on 
the port by resetting an authentication bit in a port table 
85. The resumption of linkbeat on the port, or an attempt to 
send data on the port that is authenticated, will be detected 
by controller 82 and cause the controller to initiate the 
authentication process 89. 
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The Applicants note that Jain states that other 
mechanisms for detecting the interruption in the physical 
connection may be used, and indeed that any mechanism for a 
particular physical interface that can sense a disconnection 
from the physical interface or a reboot of the end system 
connected to the physical interface may be used with the 
authentication scheme. However, each disclosure of Jain, and 
each suggestion contained within the Jain patent for modifying 
the basic disclosure, requires authentication upon detecting 
an interruption, disconnection, or reboot as discussed above. 
Jain neither discloses nor suggests any correspondence between 
an I/O port that has received a packet and the source network 
address identified in the packet, or that a packet relay means 
operates to learn about any such correspondence. 

Therefore, Jain neither discloses nor suggests to act in 
accordance with the detection of any such correspondence, or 
in accordance with the determination that such a 
correspondence does not, in fact, exist. As a result, Jain 
cannot be said to change the content of stored correspondence 
information or cause a received packet to be relayed upon 
authentication based on a correspondence between the I/O port 
and the source network address. 
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In terms of new claim 26, Jain neither discloses nor 
suggests a step of determining whether a combination of a 
first I/O port and a packet transmission source address 
coincides with a combination of an I/O port and a transmission 
source address that have been registered in advance with a 
correspondence therebetween. Jain further does not disclose 
or suggest a step of transferring the received packet via a 
second I/O port when the determining step results in a 
determination that the combination of the first I/O port and 
the packet transmission source address coincides with a 
combination of an I/O port and transmission source address 
that have been registered in advance with a correspondence 
therebetween, while limiting transfer of the packet and 
transmitting a request for user authentication of a user to 
the source terminal when no coincidence is determined. Jain 
also does not disclose or suggest a step of executing user 
authentication of the user based on user authentication 
information and a packet transmission source address contained 
in the header of the packet, or a step of registering the 
first I/O port with a correspondence to the packet 
transmission source address when the user is authenticated. 

In terms of new Claim 29, Jain does not disclose or 
suggest a relay portion which determines whether a combination 
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of the receiving I/O port and a packet transmission source 
address contained in the received packet coincides with a 
combination of an I/O port and a transmission source address 
registered in advance, and which transfers the received packet 
from a transmitting I/O port when a coincidence is determined, 
while requesting user authentication to the source terminal 
when no coincidence is determined. Jain further does not 
disclose or suggest an authentication portion which registers 
the receiving I/O port with a correspondence to the packet 
transmission source address when completing user 
authentication based on user authentication information sent 
from the source terminal. 

The Applicants recognize that certain of the claims were 
rejected over the combination of Jain in view of Guthrie et 
al . , U.S. 6,161,185 (Guthrie). While Guthrie is discussed 
more fully below, the Applicants further note that the 
combination rejection in the final office action relied on 
Jain for the features distinguished above. Therefore, whereas 
the final rejection only noted the Applicants' distinguishing 
arguments regarding Guthrie, and did not consider the 
Applicants' distinguishing arguments regarding Jain (final 
rejection at Page 6, Item 6), the Applicants request full 
consideration of each of the foregoing arguments in 
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conjunction with the following arguments distinguishing 
Guthrie . 

In the final rejection, Guthrie is applied as teaching a 
step of sending an e-mail message to certain entities when 
authentication fails. Guthrie is applied in combination with 
the teachings of Jain. Like Jain, Guthrie does not teach any 
relation or correspondence established between an I/O port at 
which a packet is received and a packet transmission source 
address from which the packet is received at the I/O port. 
Further, Guthrie does not teach or suggest any reliance on 
such a determination, and particularly does not teach or 
suggest that the transfer of the received packet is made based 
on a determination of whether a coincidence exists between a 
corresponding I/O port and transmission source address. 
Guthrie also does not request user authentication information 
when such a coincidence is determined not to exist, and does 
not register a correspondence between the receiving I/O port 
and the packet transmission source address when user 
authentication is completed. 

Because neither Jain nor Guthrie discloses these features 
of the invention, it necessarily follows that the combination 
of Jain and Guthrie does not teach these features of the 
invention . 
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In addition, as also previously noted, the secondary 
reference to Malkin et al . , "Portable Node Support Using 
Mobile IP Protocol" (Malkin), applied in rejecting Claim 7, is 
only applied as teaching the use of mobile IP protocols, and 
neither teaches nor suggests the features of the invention 
lacking from Jain and Guthrie as discussed above. Therefore, 
Malkin does not contribute to a case of prima facie 
obviousness of any of the new claims. 
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ASA-838 



In view of the foregoing new claims and remarks, the 
Applicants request reconsideration of the rejection and 
allowance of the claims. 
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